<?php
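// Registration endpoint: takes the new account's fields from a POST body,
// checks that all of them are present and well-formed, then loads the shared
// bootstrap file.
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
    // Report the rejection at the HTTP level as well as in the JSON body, so
    // clients, proxies and log analysis see a refused method, not a 200.
    http_response_code(405);
    header('Allow: POST');
    echo json_encode(['success' => false, 'message' => 'error: requests are not allowed']);
    exit;
}

$user_name = $_POST['username'] ?? null;
$pass_word = $_POST['password'] ?? null;
$bdmail = $_POST['bdmail'] ?? null;
$capacity = $_POST['capacity'] ?? null;
$capacityed = $_POST['capacityed'] ?? null;
$rate = $_POST['rate'] ?? null;
$rated = $_POST['rated'] ?? null;
$vip = $_POST['vip'] ?? null;

// A POST field can arrive as an array (e.g. `username[]=x`). A non-empty array
// passes a loose `== null` test and would later be bound as the string
// "Array", so every field is required to be a non-empty string.
$inputValid = true;
foreach ([$user_name, $pass_word, $bdmail, $vip] as $fieldValue) {
    if (!is_string($fieldValue) || $fieldValue === '') {
        $inputValid = false;
    }
}
// These four are bound with the `d` (double) type by the INSERT further down
// in this file; reject non-numeric text here instead of letting the driver
// coerce it.
foreach ([$capacity, $capacityed, $rate, $rated] as $fieldValue) {
    if (!is_string($fieldValue) || !is_numeric($fieldValue)) {
        $inputValid = false;
    }
}
unset($fieldValue);

if (!$inputValid) {
    echo "<script>alert('register failed'); window.location.href = '../../alluser.php?s=allusers';</script>";
    exit();
}

// NOTE(review): this script lets the caller choose `vip`, `capacity` and
// `rate` for the new account, and no session, role or CSRF-token check is
// visible in it. Confirm that common.php (not shown) restricts the endpoint to
// an authenticated administrator before relying on it.
// common.php presumably provides $conn, which the rest of the script uses.
require($_SERVER['DOCUMENT_ROOT'].'/cofd/common.php');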
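/**
 * Generate a random identifier that is not yet present in `user`.`id`.
 *
 * The identifier is $length characters long: one ASCII letter followed by
 * ASCII letters and digits. The previous version drew the leading letter and
 * then discarded it when the retry loop reset $id, so it returned
 * $length - 1 characters that could start with a digit.
 *
 * Characters come from random_int(), which uses the operating system's
 * CSPRNG; rand() output is not suitable for values that should be hard to
 * guess.
 *
 * @param object $conn   mysqli-style connection; only prepare() is called on it.
 * @param int    $length Total identifier length; values below 1 are treated as 1.
 *
 * @return string|false The unused identifier, or false when the lookup cannot
 *                      be run or no free identifier is found within the
 *                      attempt limit. The previous version treated a failed
 *                      lookup as "id is free".
 */
function generateUniqueId($conn, $length = 7) {
    $letters = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $length = max(1, (int) $length);
    // Bound the retries so a full keyspace or a misbehaving lookup cannot spin forever.
    $maxAttempts = 20;

    // Parameterised like the other queries in this file; the candidate is
    // alphanumeric by construction, so this is defence in depth.
    $lookup = $conn->prepare('SELECT 1 FROM user WHERE id = ?');
    if ($lookup === false) {
        return false;
    }

    $uniqueId = false;
    for ($attempt = 0; $attempt < $maxAttempts; $attempt++) {
        $candidate = $letters[random_int(0, strlen($letters) - 1)];
        for ($i = 1; $i < $length; $i++) {
            $candidate .= $characters[random_int(0, strlen($characters) - 1)];
        }

        $lookup->bind_param('s', $candidate);
        if (!$lookup->execute()) {
            break;
        }
        $result = $lookup->get_result();
        if ($result === false) {
            break;
        }
        if ($result->num_rows > 0) {
            // Already taken: draw a fresh candidate.
            continue;
        }

        $uniqueId = $candidate;
        break;
    }

    $lookup->close();
    return $uniqueId;
}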
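// Create the account row: refuse a username that already exists, allocate an
// id, insert the row, then send the browser back to the user list.

// Emits the alert-and-redirect page and stops the script. $alertText is
// written into a JavaScript string without escaping, so pass fixed literals
// only, never request data.
$registrationFailed = static function ($alertText = 'register failed') {
    echo "<script>alert('" . $alertText . "'); window.location.href = '../../alluser.php?s=allusers';</script>";
    exit();
};

$sqlSelect = "SELECT 1 FROM user WHERE username = ?";
$stmt = $conn->prepare($sqlSelect);
// prepare() returns false when exceptions are not enabled for mysqli; calling
// bind_param() on that would be a fatal error rather than a handled failure.
if ($stmt === false) {
    $registrationFailed();
}
$stmt->bind_param("s", $user_name);
if (!$stmt->execute()) {
    $registrationFailed();
}
$result = $stmt->get_result();
if ($result === false) {
    $registrationFailed();
}
$usernameTaken = $result->num_rows > 0;
// Release the lookup before $stmt is reused for the INSERT.
$result->free();
$stmt->close();
if ($usernameTaken) {
    $registrationFailed('register failed: This account has already been registered');
}
// NOTE(review): the check above and the INSERT below are separate statements,
// so two concurrent requests can both pass the check. A UNIQUE index on
// user.username would make the second INSERT fail; confirm the schema has one.

$id = generateUniqueId($conn);
if ($id === false) {
    $registrationFailed();
}

// NOTE(review): $pass_word is bound into the `password` column exactly as it
// was submitted, so the table holds recoverable passwords. Storing
// password_hash() output and verifying with password_verify() is the usual
// fix, but it must ship together with the login code, which is not visible
// here; left unchanged for that reason.
$sqlInsert = "INSERT INTO user (`id`, `username`,`password` ,`bdmail`,`capacity`,`rate`,`rated`,`capacityed`,`vip`) VALUES (?, ?, ?,?,?,?,?,?,?)";
$stmt = $conn->prepare($sqlInsert);
if ($stmt === false) {
    $registrationFailed();
}
// Type string: four strings (id, username, password, bdmail), four doubles
// (capacity, rate, rated, capacityed), one string (vip).
$stmt->bind_param("ssssdddds", $id, $user_name, $pass_word, $bdmail, $capacity, $rate, $rated, $capacityed, $vip);
if (!$stmt->execute()) {
    $registrationFailed();
}
$stmt->close();
$conn->close();
echo "<script>alert('register success'); window.location.href = '../../alluser.php?s=allusers';</script>";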